NAME
XML::Compile::WSS::Sign - Base for WSS Signers
INHERITANCE
XML::Compile::WSS::Sign is extended by
XML::Compile::WSS::Sign::HMAC
XML::Compile::WSS::Sign::RSASYNOPSIS
# either
use XML::Compile::WSS::Util qw/DSIG_RSA_SHA1/;
my $sign = XML::Compile::WSS::Sign->new
( sign_method => DSIG_RSA_SHA1
, private_key => $key
, ...
);
# or
use XML::Compile::WSS::Sign::RSA;
my $sign = XML::Compile::WSS::Sign::RSA->new
( hashing => 'SHA1'
, private_key => $key
, ...
);DESCRIPTION
Supported signers
RSA
Hire me to implement other signers!
METHODS
Constructors
- XML::Compile::WSS::Sign->fromConfig(HASH|PAIRS)
-
Try to be very flexible. CONFIG can be a HASH, which could also be passed to new() directly. But it can also be various kinds of objects.
- XML::Compile::WSS::Sign->new(%options)
-
-Option --Default sign_method DSIG_RSA_SHA1
Attributes
Handlers
DETAILS
Signing, the generic part
The base of this whole security protocol is crypto-signing the messages, so you will always need to specify some parameters for new().
my $wss = XML::Compile::WSS::Signature->new
( signer => DSIG_$algo
, ...parameters for $algo...
);When the algorithm is known (see the next sections of this chapter), then the parameters will be used to produce the CODE which will do the signing.
Defend against man-in-the-middle
The signature can easily be spoofed with a man-in-the-middle attack, unless you hard-code the remote's public key.
my $wss = XML::Compile::WSS::Signature->new
( ...
, remote_token => $token
);SEE ALSO
This module is part of XML-Compile-WSS-Signature distribution version 2.04, built on June 26, 2025. Website: http://perl.overmeer.net/xml-compile/
LICENSE
Copyrights 2012-2025 by [Mark Overmeer <markov@cpan.org>]. For other contributors see ChangeLog.
This program is free software; you can redistribute it and/or modify it under the Artistic license. See http://dev.perl.org/licenses/artistic.html